Re: Anyone having more information about the tcpdump security CVEs?
On Fri, Jan 27, 2017 at 10:25:42PM +0100, Ola Lundqvist wrote:
> Do anyone have any reference to something that I can have a look at to
> judge whether this package need an update in wheezy or not.
It definitively needs an update, however you should be aware that for
jessie the DSA will just update the package to the new upstream as we
don't have broken-out patches for these vulnerabilities. I'm working on
this right now.
I can prepare packages for wheezy as well if you need, but I'm not yet
familiar with how to get them uploaded to wheezy-lts.
Romain Francoise <firstname.lastname@example.org>